This is a model of a fuel control system where Stateflow(R) is used to handle the fault management of the system. The system contains four separate sensors: a throttle sensor, a speed sensor, an oxygen sensor, and a pressure sensor.<\/p>\n
Each of these sensors is represented by a parallel state in Stateflow. Each parallel state contains two substates, a normal state and a failed state (the exception being the oxygen sensor, which also contains a warmup state).\u00a0 If any of the sensor readings is outside an acceptable range, then a fault is registered in Stateflow, and the substate of the corresponding subsystem transitions to the failed state. If a subsystem recovers, it can transition back to the normal state.<\/p>\n
A state regulates the oxygen to fuel mixture ratio. If a failure is detected, then the oxygen to fuel ratio is increased. If multiple failures are detected, then the fuel system is disabled until there are no longer multiple failures in the system.<\/p>\n
\n
Modelisation for SMC<\/h3>\nImportant!<\/strong><\/p>Our probabilistic model can be downloaded here:<\/p>\n\n- Plasma project: sldemo_fuelsys.plasma<\/a><\/li>\n<\/ul>\n
\n- Simulink model: sldemo_fuelsys_estasys.mdl<\/a><\/li>\n<\/ul>\n
To execute the model you will need to build\u00a0 the S-Function Builder in Simulink:<\/p>\n
\n- Locate the S-Function Builder block in the block “Speed Sensor\/Poisson”<\/li>\n
- Right click on “Properties”<\/li>\n
- Launch “Build”<\/li>\n<\/ol>\n
<\/div>\n
In the original model, sensors’ faults are decided by the user using manual switch block for each sensor. The interest of the SMC approach come from the possibility to observe a large set of execution trace produced by a probabilistic procedure.<\/p>\n
![\"fuel_control_sys\"](\"https:\/\/project.inria.fr\/plasma-lab\/files\/2014\/03\/fuel_control_sys-300x156.png\")
A general view of the probabilistic model<\/p><\/div>\n
To do this we replaced Speed, EGO and MAP manual switches by custom probabilistic switches. These switches use a Poisson distribution and are parameterized by a rate to decide when a fault happen. A sensor will repair itself after a duration of 1 second. Although we modified the original model ourselves, we used the description of the probabilistic model from Bayesian Statistical Model Checking with Application to Stateflow\/Simulink Verification\u00a0<\/em>(Zuliani, Platzer, Clarke).<\/p>\n![\"poisson_proc\"](\"https:\/\/project.inria.fr\/plasma-lab\/files\/2014\/03\/poisson_proc-300x87.png\")
<\/a>Poisson distribution block<\/p><\/div>\n
The Poisson distribution block<\/em> draw a time T<\/em> in second before the next fault happen and use a Stateflow chart as a timer. <\/em>Once the time T<\/em> is reached, the block emit a signal corresponding to a fault. In this block, the S-Function block call the C function rand<\/em>. We had to use C to overcome the lack of equivalent random block in Simulink.<\/p>\n![\"fault_switch\"](\"https:\/\/project.inria.fr\/plasma-lab\/files\/2014\/03\/fault_switch-300x54.png\")
<\/a>The probabilistic switch with repair timer<\/p><\/div>\n
The signal from the Poisson block<\/em> is then used in a switch. In case of a fault signal the fault value<\/em> (a constant) is returned instead of the sensor value<\/em>. A Stateflow repair timer<\/em> is used to maintain the fault signal for a duration of 1 second.<\/p>\n
Important!<\/strong><\/p>Our probabilistic model can be downloaded here:<\/p>\n To execute the model you will need to build\u00a0 the S-Function Builder in Simulink:<\/p>\n <\/div>\n In the original model, sensors’ faults are decided by the user using manual switch block for each sensor. The interest of the SMC approach come from the possibility to observe a large set of execution trace produced by a probabilistic procedure.<\/p>\n A general view of the probabilistic model<\/p><\/div>\n To do this we replaced Speed, EGO and MAP manual switches by custom probabilistic switches. These switches use a Poisson distribution and are parameterized by a rate to decide when a fault happen. A sensor will repair itself after a duration of 1 second. Although we modified the original model ourselves, we used the description of the probabilistic model from Bayesian Statistical Model Checking with Application to Stateflow\/Simulink Verification\u00a0<\/em>(Zuliani, Platzer, Clarke).<\/p>\n Poisson distribution block<\/p><\/div>\n The Poisson distribution block<\/em> draw a time T<\/em> in second before the next fault happen and use a Stateflow chart as a timer. <\/em>Once the time T<\/em> is reached, the block emit a signal corresponding to a fault. In this block, the S-Function block call the C function rand<\/em>. We had to use C to overcome the lack of equivalent random block in Simulink.<\/p>\n The probabilistic switch with repair timer<\/p><\/div>\n The signal from the Poisson block<\/em> is then used in a switch. In case of a fault signal the fault value<\/em> (a constant) is returned instead of the sensor value<\/em>. A Stateflow repair timer<\/em> is used to maintain the fault signal for a duration of 1 second.<\/p>\n\n
\n
\n
<\/a><\/a>
![\"graph\"](\"https:\/\/project.inria.fr\/plasma-lab\/files\/2014\/03\/graph-300x81.png\")
<\/a>